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I (57) Abstract 

In a racfliod and a de- 
vice for partial encryption and 
^ogrcssive tiansmissiwi of im- 

a fiist section of Ac «n- 
«e file -IS compressed at reduced 
ialiw without decryption, and 
a^ewnd section of the unage 
file is encrypted. Users having 
^tS'Sropriated^aypU^i 

keywords can decrypt this $»- 
o„rsection. 

together with the decrypted sec. 
section can then be viewed 

as a full quality imase- Tl» 
age space required for stoniig the 

first and section ">8«*" » 
sendally the same as the stor- 
Se spL required for «o.«g 
Ae uiJencrypted ftdl qua^-V ^■ 
aee By using d» nw«h«» 
^v\ce as described herem stor- 
act and bandwidth requuements 
partially encrypted ima^« 
reduced. Furthermore, object 
based composition and proce»- 
ing of encrypted objects are 
dlitated. and ROIs can be m- 



Iniage 
File 




ceoucBo. . " . ■ -„ 

based composition and proce»- 

ing of encrypted objects are fe- . . . ^. ^ be decryp«d and restored in the compressed domain. 

K^TsZ can be encrypted and the ongmal object can be decryp 
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A METHOD A DE«CB FOR ENCRYPTION OF DfflGES 

Srrrerrven..on .eX..e3 eo a a device .o. 

encrypting ijnages- 

B^rirrROOND OF THE INVENTION AND PRIOR ART 

BACKGROUND OF tecbnical field which beccmes 

Encryptxon of digital data information or 

^™nortant when transmitting and storing secret i 
oir^portant wn available to a user paying for 

information which only snaix ^^oital 
^ ^-i«r. Thus several methods for encrypting digital 

to digital image data. Exaz^les o£ encryption n«thods are DRS, 
triple DBS and the public-key RSA method. 

. ™.n be stored on servers and distributed over a 
Digital images can be stored ^ 

"^---=^=«^"','"''nhvrict^ stfrar-^i- 3u=h as a CD-ROM. 
^ distributed using a = J^^^^ ^.s 

service ^^^"JJ^ ,„,,ext it might be suitable to 

their business model. In this ^^^^^^ 

o«er P-ia^ -^^r i L the image data »..t be 

rrterinlrrto :re:;nt an users .rom having .ull access 
to all image data. 

be offered for sale on the Internet, 
.evs P^--^-^^^.;^ l^,, ,o a,Xow customers to download a 
The service provider wan ^-ntv for evaluation, 

version of the image with reduced <^^^^y [ ,,^iee and 

n want to publish an image, pay tor 

journals, that want ^ ^ quality image, 

are then allowed to download a full qual 

„r. such a service provider ^^-^^^ 
and download bit rates. An imag p ^^^^ cD-ROMs are given 
want to distribute images on ^^^^ , 

away or sold for a low P^^^^" ^.^^^^g them at full 

reduced quality, but they must pay f ^^^^^^^ 
-r., t-H*. case the image provider waxi 

quality. In the case possible. 

space on the CD-ROM as efficiently 
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Xt is also essential =us.c..rs always can access ^ges 

user friendly, e.andaxdisea software. I^ge prov^ers are 
Xctant to design and support special i^ge vxewers and 
customers don't want a proliferation of viewing tools. 

presently, i^ge providers have to store two versions of the 
i^ges stored. The full ^ity version .s stored as an 
encrypted i«age tile- This means that the linnge first xs 
jessed and stored in a compressed file format such as JPEG 
oHlF The co^ressed file is then encrypted using a suitable 
e^cr^tirtoorand an encrypted i^ge file is stored The user 
^.sffirst decrypt this file and then access ^''^ """^^^ 
compressed image file using an i^age viewing tool^ Reduced 
ouality images are produced by processing the full quality ^ 
in - i-age editing program. They are stored as separate 
compressed image files- 

^ „,=blems with this solution are that at least two different 

^ rTtle same i^ge need to be stored, and that both 
^rsions "^ '^UJ^ „Lmitted over the networK in case of 
versions must ^^^^ „3nts to see the free 

remote access in the case a c resolution 
low resolution image before paying for the full 

version. 

^3 results in a significant disa^antage - - 

version i»age contains a „ ,„_Xs would 

information. Images '^^^^^ °* , ^.irly good quality 

in particular -^J^'^X » ^"^^^"^ understanding of 

since journal editors want viahest quality for 

the image content and accepts -^^^f Je 10-SO* of the 

printing. The reduced quality image could regu 

storage space of the full quality »age. 

which IS aescri . „ , o includes many new 
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can select a suitaj,le progression mode. Individual objects 
^Jn La«s can be accessed separately in the JPEG 2000 
:t!^rerCd progressive transmission can be applied also to 
^Hcts xTopL Loo there is also support for independently 
decodal>le coding xanits. 

SUMMARY 

It is an object of the present invention to overcome the 
proble.. as outlined above and in particular to -^^^^^ 
Lount of memory recr^ired for storing an i^ge. wh.=h partially 
Xll be possible to view, and also to reduce transm.ss.cn t.^ 

in a transmission scheme transmitting partially encrypted. 

xxoa^es. 

r::^lZ Z LTe -e can be decompressed at reduced ^ity 
"thout decryption, i.e. the first low ^ality .mage « not 
Ilcrypted, and .her. a second section of the .mage f.le .s 
encrypted. 

.us, users >»ving^=«— ^^l^'^^ - 
decrypt f^^^^^^^^Z " L^e viewed as a full ^Uty 
decrypted second section can storing the first and 

^,e. The storage ^P^/J^X^t^r rislhe storage space 

^ge. The 

«<^.red J-^™ ^y, depending on the 

encrypt.on of the second ^^^^ ^ ^^^^ 

rcXToXr^ r^encrypted second section, 
.he image c. also be 

each section may be '-^^f^;^;^^ ^ unencrypted. 

method and ^^y^^^' ^'^f Z "^,^^ and device as described 
M important element of the metho o£ 

. . the compressed images consist or a 

herein is that the comp 

possible CO p entropy decoding, 

domain without performing entropy 
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reduced ^Ity i^age can be produced according to several 
different main schemes, such as; 

1) Reduced resolution 

2) Reduced accuracy of the transform coefficxents 

3) Llusion of predefined regions of interest (ROD 

..ese methods can he combined so that a "^^^^f ^^^^^^^^ 
e.g. produced by reducing both the resolutxon and the accuracy 
of the transform coefficients - 

By using the «thod and device for storing and "-^^"^"^"^ 
V^Zt. as described herein, several advantages are obta^ed. 
^ there is no need to store two different versions of an 

« different users are to have access to different qualxty 
i„age i£ different us ^^^ssion times becon« much 

of the one and same ^ge. Mso tren ^solution. 
lo«r if the information content of ^^^^^^ ^ _ resolution 
image data can be reused »hen transm=.tting the higher 

ifliage data. 

BBSC.xP.xa« o. THB D^nios ^ ^^^^^ ^ 

TthTerenrtrt:: rcUanymg drawings, in which: 

. .ig. 1 is a general view of the -^rrdel^a^o^^' to 

. Pigs. 2a and 2b shows encryption of images 

^iH - : rrrh:rt mustrating some steps carried out 

when encrypting an ^^a^. ^ server process. 

- Fig. 4 is a diagram illustrating 

. ,4. 5 is a vie. of an encryption header 

DETAILED DESCRIPTION structure of an original, 

in Fig. 1. a general view of ^e ^le s. ^^^^ 

high resolution, ^^'^ ;;;^^:7,„T,:;,endently decodable coding 
consists of a "-^-/'^/^^"^/^ Ule structure shown in rig. 
sections 101, 103 -^^"Z' resolution version of a high 

I, the "^:;::::;:,:,Lt encryption and will therefore 

resolution image, is coaeu 
he possible to decode by any receiver. 
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.ion 103 which con5»rises data, which combined with the 
The in a medium resolution version of 

data of sectxon 101, ^^^^^ encrypted using a first encryption 

T:^:^Z:^s :rn Tccess to L correct 
T^..T::^1^:^^^^ ahle to decode the data stored in the 
section 103. 

• /qaf a wliich combined with the 
^Ar.T. -io^ which comprises data, wnxcu 
TtaTf sc.- n\rand 1^^ results in a full resolution versxon 

thfhlgh resolution image. " is encrypted using a second 
of the receivers having access to the 

encryption method, ana onxy stored in the 

encryption key will be able to decode the data 

section 105. 

. ^- „ the section 101 will result in a low 
Thus, decodxng of ^^^^Tn-j Decryption 109 and decoding of the 

decoding of the sectxoH ^r, a full resolution image 

from the sections 101 and 103 result xn a full 

115. 

• .-v,^ JPEG 2 COO standard without 
Furthermore, implementation in the verification 

see Charilaos ^^^^ of the ..KO 

Model versxon 2.0. ^--^^ ^,,3,,eam so that a wxde 

2000 bitstream can be insertea 
ralge of progressive modes can be supported. 

^ ^ n a coding unit is a part of 
^ ^KO 2000 verification "-^'^^ /Jt^fj^, a given 
.^.e bitstream that -^^^'^^.^/^tf.L ^ a-cri.ed a. a.y 
^^and. in general, a ^^^-^ ^^^^ irfoonation. The general 
,„.e.en.entlv -^^X:^'^-: .r.er is to incl... so 

rar/rart>rtVc.nes - -ir:LTt;i -r is 

Known) . several specxfic ,^e bits that 

aefines a default coding 

are needed for inserting explicit tags. 
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in Figs. 2a and 2b bloCc diagrams describing how encryption can 
be implemented in the JPEG 2000 encoder and decoder 
respectively, are shown. 

Thus in Fig 2a a block diagram where encrvption is performed 
T^r entropy coding in the encoder is shown. Coding «nits enter 
I ZXv coding bloc. 201. IB the block 201 coding the c^g 
^its arf entropy coded using some suitable ™ 
output from the block 201 is fed to a selector „h.ch selects a 
suitable encryption method for each entropy coded cod^g un.t. 
some coding units can be selected to not be encrypted at all. 

I„ response to the selection made in the selector 203 the 
Z^ro^ coded coding units axe encrypted in a block 205. The 
^l^ed coding units together with the not encrypted cod^g 
uni« then form a combined output data stream, whrch can be 
Stored or transmitted. 

in Fig 2b a decoder for decoding the bit stream generated by 
in F^3. 2b ^^^^^ encrypted and not 

which selects m= the received coding unit is not 

coded coding unit, or xf the receivea a 
Lcrypted it is directly transmitted to a bloc)c 255. 

. .a the selection made in the selector 255 the 
respons^ to the sel ^^^^^^^ ^ ^^^^^ ^^^^^ , 

entropy coded coamg ^^^.-h codincr \anits are 

suitable decryption algorithm. The oecryp 

units 

.hen fed to the block 25S. " the block 2^S the g^^^^^^^ 
from fed directly from the selector "^J^"^ ^ ^^^^^^ 

Mock 253 are entropy ^^'^^^ ,^ ^^^Tt.. slZ^ which is fed 
output data stream corresponding to the data 
to the entropy coding block 201 xn Fxg. 2a. 

..ch coding - -rrrnUr^tt; ::;redtiock. 

ngs. 2a and r/Zercr^pted separately with any user 

Each codxng unit can als same .mage 

:rbrerr;Ter::rd:»errnt encryption methods, .he 

SUBSTTTirre SHEET (RULE 26) 



PCr/SE99/02ia6 

wo 00/31964 ^ 

encryption nethcd used can further be an encryption algorithn. 
c^ed with a .ey«=ra or a .^thod for generating keywords . 

„-«.rent encryption methods can in such an embodiment have 

i::::ri ^^z.^ - --rent — — x^rtta 
-:rr:::srL:i:rorrgrit:^^^^^^^^^^ 

::1p:ci y the Encryption Method, .mit Encryption State ^, xs 
°^or that for each coding .nit defines how it xs encrypted. 

„ 3, a flow Chart illustrating different steps carried out 

Lrypting an image are sho«.. First, in a step 301, an 
iTgeToTe partially encrypted is received. The image received 
Tstep 301 Is then coded using a coding algorithm generating 
^:^Lly decodable coding units, e.g. a.B« =000, m a step 



303. 



. .tec 305 some of the ccxiing units of the image coded 
Next, in a step 305, some «„itable encryption method, 

■inn ar-e encrvpted using some suita£>ie enci^rf 
: Z units that are chosen to be encrypted 

."srin^tcordance with user preferences. Thus, a user can 
can be set m accotucxxA^ hiaher order 

...e to - ™- 

!:itrcodi:r:^rsThich are not encrypted are merged .nto a 

single bit stream. 

. . e flow chart illustrating a client-server process 
in P19. 4. = according to the method as 

^ transmlttrng an a client 

described in Vo ''The client «1 can then issue 

rret:nrrth: server .03 for a particular image, step 

405. 

,enlies by transmitting the coding units of the 
The server 403 replies encrypted 
image which are not -crypt-d nave 
coding units can be decoded by the clx ^^^^ 
access to a low ^^^^^^^.'^'^ ^y Z^, to have access t 
rtrr aTgrrrtiiror the^uH image. If so the 
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Client transmits a request to the server requesting such 
information, step 409. 

The server replies by seading a request to the client requesting 
the client to agree to the conditions for transmitting the ^ 
higher resolution version of the i^ge, step 411. If the clxent 
agrees via a message 413. e.g. con5.rising a card number or 
account number from which to bill the cost for the image the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415. A secure method for key distribution should be used. 
Exiles of such secure methods are described in W. Stallings 

-Data and computer Communications", p 635 -637. Prentxce-Hall 

1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for exa^^le if he has purchased a^-ROM 
^it^images coded as described herein. The scheme as described 
in conjunction can be modified so that no image data xs 

the server in order to have access to the key wordi , 
required to decrypt the encrypted coding unxts of the CD ROM. 

the method and device as described herein is 
in the case when the methoa standard, it 

used when encoding image according to the JPEG 

fhe JPEG 2000 standard does not standaraise 
is advantageous if the JVEi. ^ „ ^ ^ ^>,,t is included in the 
»^v,r,^c: An Encryption Header that iS incxu«« 

"^rJTZo rJs ^ -a « specify how codxn, 

units are decrypted. 

in such an embodiment the JPEG 2000 image header contains an 
in such an emn ^^^.^^ ^3 

Encryption Flag (EP) . EP ^ ^^^^ ^^^^^^^^ 

encrypted. An Encryption Header ^i^nj can 
"eTpEG .000 i^ge header end enczvption .nfon.at.on cen 
optionally be merged into JPEG 2000 Tags. 

s an enc^tion header is -o-n The Bncrypt-n Header 



In Fig 



can 



rn s:crre;;:.r„ent contam the following sv^hole 
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1) Encryption Mode (EM) . A set of standard encryption modes are 
defined e.g. 

a) one encryption method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

NO encryption information need to included in the Tags if an EM 
is defined. 

2) Encryption Mode Parameters (BMP). Parameters (X. Y, ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same unage if e.g. different user groups 
should be allowed to see different image content. 

Kt=4->,r«^ neacriotor (EMD) for each encryption 

4) One Encryption Method Descriptor i ^ ^. 

method The EMD defines any data that is needed by the 

...^s - 

eal encryption .etl>od. This nun^er xs used .n UES syn* 

fr.T paeh coding unit specify if it is 
irrrn TVZ^. - - - se.Un. one 

^'^--Ti^J^z^^r^^ o. 

^cls could ^i,3„ea. .s encryption 

^'"":r;:7rs o^^tU is .ept m t.e encryption header „e 
tags. If the ue£> ini-ui. ci- = fp (ES) ES consists of 

define a header element - ^^-^--f;^^ '/J ,,,er as the 

a series of DES symbols that are listed m the sam 
coding units appears in the bit stream. 

XP HP is set and the Encryption State is not given in the 

SUBSTTTUTE SHEET (RULE 26) 
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H^^der JPEG 2000 Tags can be expanded to contain Unit 

^ !!I;iontate (UES) symbols. UES defines whicn encryption 

rtl^ is^d .or enc^tin. t.e next coding 

unit. 

Th. transform coefficients belonging to a ROI can be bandied as 
re:cri::rabove. Xbev can be co^letely or partially .ncr^Ced 
by selecting appropriate coding units belonging to the EOI 
encryption. 

that the shape of the ROI might reveal the 
The maxn problem is that the s p ^^^^^ver, difficult 

content. If the shapes are encrypted it xs, howe 
to Show a reduced quality image since it is difficult to 
interpret the coded transform coefficients. 

shape is a bounding box. 

T» •or\r in the JPEG 2000 bit 

^ rc::drtLrenrry;tion as described in 

stream. The c-sbape .s cod verification Model 

Cbarilaos ^'-""^""'"^'"thl teclmique as described therein 

reXrthl: shape is defined in the .000 



header. 



,->,o e- shape and the transform 
^ ^sK is created --J^''- = ^^pe is coded and encrypted 
coefficients belonging to the c s p ^^^^ 
using the .ethod a. descried ^"-- J ^^^^ .Yielded 
ell coefficients belonging any of ^^^^ . ^ ^^^^ 

by the c-shape axe encrypted. The text 
protected by encryption. 

.he Shape of :::rnirert^^^^^^^^ - 

encryption header. The corresponding c-shape. 

r:e:::rc:: Z = r ^crypted bac.ro.nd. The c. 
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can be display^ as a blanlc region. The original EOIs can 
r T.^i.t tZ keyword is Icnown. This is done by decrypting 
fhe tc Lr b^t'ging « the c-shape. The shape o. eachJ«=X 

bridging to the c-shape is also decrypted. The bitstrea- can 
not^ rearranged so that the c-shape is dropped and the 
::lg!:alToX dita structures are restored. Kote that thrs rs 
done in the compressed domain. 

The mas. that is used for encoding a ROI is not — ^/^f 
in JPEG 2000. A mask that is sufficiently large so that the ROI 
• s ^foded lossless will often cover the whole lower ^^^-^^ ^ 
LTLt is not allowed to expand will lead to a lossy encoding 
Tth "ox T^e masks belonging to different ROI s or to a RO^ 
aid the background can he designed to overlap. Thxs .eans that 
some coefficients are encoded in more than one ^01- Suc^ 

-. will lead to a reduced overall compressxon but the ROls 
overlap will leaa co a accessed and decoded 

are more independent so that any ROI can be accessed 

with a good visual resiilt. 

^v. A fr.-r noTs dcscribed herein is not 
partial encryption '^f^^l^'^^ ^ is selected 

dependent o£ ^^^l^^^^ :lr^ Z\.co.s.^c.e. .ro. the 

zr. :rrc« or bac^gro^d. ^ rir^aL 
-L^rirrrr.:: rririUn .dei .rsion 

■ .he .ethod and device as described herein storage and 
By using the metnoa an encrypted images is 

.snd^idth «^^"-«%:°:,n:3fd L^Ttion and processing of 
.educed, ^rthermore. -^^^^^^ encrypted. 
-^"^ Objects are faciX^tated^^ ^^^ ^^^^^^^^ 

re; " 

«>other advantage is that -^-^'-t^/rll^re^T^r since 
performed at the sane ti^e as encoding '^^ J^ 
- process ta.« Place ,^,es without 

bitstream syntax) i P ^formed just before 

encryption. The ^^^^^^^^^J^/ ,,,^scoder) . In this case, 
transmitting the image by a parser 
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^v,= ^.^^■rate which will be the case 
" encrVPtio. increases . tra.e ^^^^^^^ ^ ^^^^^^^ 

transmitting it- 
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CLAXKS 

1. K ,.eth,d Of p«tially encrypting i^age data com|«:isi.g the 

TZ^'t^. 1-ga data u.ing an encoding algoria,. generating 

independently deoodable coding onlts, 

- encrypting at least one of the coding muits, and 

. cidin, units Which are not encrypted with ccd^ unxts 

which are encrypted into a cort>lned bitstrea.. 

. X »eth=d according to claii. 1. characterised in that the not 
e;4^ted coding units correspond to a low resolution version of 
the image data. 

3 A method according to «.y of claims 1-2, chsr.ctexi.ed in 

liffer^ coding units are encrypted using different coding 
me'th.ods • 
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